3361116 - Expired Refresh Token for OAuth2 Client Authorization Code

• You have an iFlow which is using an OAuth2 Client Authorization Code Grant (with Generic Provider) for Authentication
• The iFlow was working previously but then (perhaps sporadically) starts failing with one of the following error types -
  
  a. Access token request via refresh_token grant type for OAuth2 Authorization Code credential '<credential name>' failed after 5 retries: HTTP request failed: null (HTTP response code: 401, token URL '<token url, eg. https://test.oauth.com/v1/oauth2/token>', client Id '<client id, usually GUID>', client secret SHA256 hash '<hash value>', refresh token SHA 256 hash '<hash value>', and  scope '<scopes or null>')
  

  b. Access token request via refresh_token grant type for OAuth2 Authorization Code credential '<credential name>' failed after 5 retries: HTTP request failed: {"error":"invalid_grant","error_description":"Invalid refresh token: < some further information>"} (HTTP response code: 400, token URL '<token url, eg. https://test.oauth.com/v1/oauth2/token>', client Id '<client id, usually GUID>, client secret SHA256 hash '<hash value>', refresh token SHA 256 hash '<hash value>', and  scope '<scopes or null>')

  The error part {"error":"invalid_grant","error_description":"Invalid refresh token: < some further information>"} may vary, because this error information depends on the called OAuth2 server

• The CPI tenant on which the error is occurring is hosted on Cloud Foundry

• SAP Cloud Integration
• SAP Integration Suite
• SAP Business Technology Platform

CPI, HCI, SCPI, Integration Suite, Cloud Integration, iFLow, Integration Flow, OAuth2, refresh token, token expiry, expired token, Access token request via refresh, OAuth2 Authorization Code credential, OAuth2 Client Authorization Code Credentials artifact, security artifact, invalid_grant, invalid refresh token, client ID, failed after 5 retries , KBA , LOD-HCI-PI-CON-SOAP , SOAP Adapter , Problem